-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                  ESB-2007.0161 -- [RedHat]
                Moderate: samba security update
                             15 March 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              samba
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
Impact:               Denial of Service
Access:               Existing Account
CVE Names:            CVE-2007-0452
Ref:                  ESB-2007.0075

Original Bulletin:
  https://rhn.redhat.com/errata/RHSA-2007-0061.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: samba security update
Advisory ID:       RHSA-2007:0061-02
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0061.html
Issue date:        2007-03-14
Updated on:        2007-03-14
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-0452
- - ---------------------------------------------------------------------

1. Summary:

Updated samba packages that fix a denial of service vulnerability are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Samba provides file and printer sharing services to SMB/CIFS clients.

A denial of service flaw was found in Samba's smbd daemon process. An
authenticated user could send a specially crafted request which would
cause a smbd child process to enter an infinite loop condition. By opening
multiple CIFS sessions, an attacker could exhaust system resources
(CVE-2007-0452).

Users of Samba should update to these packages, which contain a backported
patch to correct this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

225519 - CVE-2007-0452 Samba smbd denial of service

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.23c-2.el5.2.src.rpm
b9f0c930e596610146f3f4d22461cf2e samba-3.0.23c-2.el5.2.src.rpm

i386:
4376969ef05a38386a8a86b1bc6b07b3 samba-3.0.23c-2.el5.2.i386.rpm
1454b468e11fc429da90d704a7c5f791 samba-client-3.0.23c-2.el5.2.i386.rpm
16a459ee79fe73edacad0c98d12a14d2 samba-common-3.0.23c-2.el5.2.i386.rpm
2a82d8e06843ad076deaa5ca7c0af50e samba-debuginfo-3.0.23c-2.el5.2.i386.rpm
8e078f1407f14fa52780d8ef488726be samba-swat-3.0.23c-2.el5.2.i386.rpm

x86_64:
901320e342fd069aa87098c0e5dc3b2b samba-3.0.23c-2.el5.2.x86_64.rpm
ed4f873bcd6c85e5bd96f4dab7403a1f samba-client-3.0.23c-2.el5.2.x86_64.rpm
16a459ee79fe73edacad0c98d12a14d2 samba-common-3.0.23c-2.el5.2.i386.rpm
28dcc7b44ccce83118aac405a37e2a13 samba-common-3.0.23c-2.el5.2.x86_64.rpm
2a82d8e06843ad076deaa5ca7c0af50e samba-debuginfo-3.0.23c-2.el5.2.i386.rpm
f0815980251cadeef8a6b2e10a8d9a94 samba-debuginfo-3.0.23c-2.el5.2.x86_64.rpm
25eb4104ac88c7db7eed56f08987cd70 samba-swat-3.0.23c-2.el5.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.23c-2.el5.2.src.rpm
b9f0c930e596610146f3f4d22461cf2e samba-3.0.23c-2.el5.2.src.rpm

i386:
4376969ef05a38386a8a86b1bc6b07b3 samba-3.0.23c-2.el5.2.i386.rpm
1454b468e11fc429da90d704a7c5f791 samba-client-3.0.23c-2.el5.2.i386.rpm
16a459ee79fe73edacad0c98d12a14d2 samba-common-3.0.23c-2.el5.2.i386.rpm
2a82d8e06843ad076deaa5ca7c0af50e samba-debuginfo-3.0.23c-2.el5.2.i386.rpm
8e078f1407f14fa52780d8ef488726be samba-swat-3.0.23c-2.el5.2.i386.rpm

ia64:
f19aecd0327538f56455e54cdb3ccf20 samba-3.0.23c-2.el5.2.ia64.rpm
bccc097f869bc43b91fa4eb35e1e9249 samba-client-3.0.23c-2.el5.2.ia64.rpm
95d95f23f1384a5410bf54465399b022 samba-common-3.0.23c-2.el5.2.ia64.rpm
0bf86c4e53549f8768bc97cb040d1917 samba-debuginfo-3.0.23c-2.el5.2.ia64.rpm
7afd29addffd0835eb8d893832a3036a samba-swat-3.0.23c-2.el5.2.ia64.rpm

ppc:
df4ca6d488bc7ed247f2a4a12b6e193a samba-3.0.23c-2.el5.2.ppc.rpm
8a8f2df3bd72b7abd7439125c924b296 samba-client-3.0.23c-2.el5.2.ppc.rpm
66f5bc534bc003dc901495b6ea83052a samba-common-3.0.23c-2.el5.2.ppc.rpm
633739582b5e6310bb6fb96aa2469552 samba-common-3.0.23c-2.el5.2.ppc64.rpm
f3d55887555dda82400dbe2dadb81f5e samba-debuginfo-3.0.23c-2.el5.2.ppc.rpm
5ce6fe708dd9a117e528fb445cfda954 samba-debuginfo-3.0.23c-2.el5.2.ppc64.rpm
f2a619484d20fd94a0cf4414228216cc samba-swat-3.0.23c-2.el5.2.ppc.rpm

s390x:
251635f6d0f5cbde27aa105289e38b7d samba-3.0.23c-2.el5.2.s390x.rpm
d24679151bfa4ee38dd34dacf64f739a samba-client-3.0.23c-2.el5.2.s390x.rpm
c8c0e08334f306279a7133ad1f126190 samba-common-3.0.23c-2.el5.2.s390.rpm
1a0c32a0758814818dccd46162925c2f samba-common-3.0.23c-2.el5.2.s390x.rpm
294c8592f8817965aa1cabc8b1ae7297 samba-debuginfo-3.0.23c-2.el5.2.s390.rpm
1a2d8e1b8172798000a5a507f20d48ad samba-debuginfo-3.0.23c-2.el5.2.s390x.rpm
0e2b6e82f64c5d77eb769fafa58dc7b9 samba-swat-3.0.23c-2.el5.2.s390x.rpm

x86_64:
901320e342fd069aa87098c0e5dc3b2b samba-3.0.23c-2.el5.2.x86_64.rpm
ed4f873bcd6c85e5bd96f4dab7403a1f samba-client-3.0.23c-2.el5.2.x86_64.rpm
16a459ee79fe73edacad0c98d12a14d2 samba-common-3.0.23c-2.el5.2.i386.rpm
28dcc7b44ccce83118aac405a37e2a13 samba-common-3.0.23c-2.el5.2.x86_64.rpm
2a82d8e06843ad076deaa5ca7c0af50e samba-debuginfo-3.0.23c-2.el5.2.i386.rpm
f0815980251cadeef8a6b2e10a8d9a94 samba-debuginfo-3.0.23c-2.el5.2.x86_64.rpm
25eb4104ac88c7db7eed56f08987cd70 samba-swat-3.0.23c-2.el5.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFF+BZnXlSAg2UNWIIRAtlSAJ4x9oUFbJpvkBDLZg/atndCnej9AgCeJoBY
6O5pBGSe2j5cEFBbT1IFwEw=
=hNji
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRfiP0ih9+71yA2DNAQJi8wP8CZUCoJSv9tq+WWfRiI7zLNpd1SUxWR7M
r5O656enrEi6BhIb777sjoYR6RixDXx70hpkhd2HyI7/1rElO157Dh7+Sj1SXad5
h8cz2viEDhZYaGC9QNQzon6BLdNlYMHI5jJ0PYIFkGKYuK/a7aDFZKEEdT+3gxMZ
nerHNY5aUK4=
=iQsx
-----END PGP SIGNATURE-----
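The advisory's "RPMs required" list and its instruction to verify Red Hat's package signature are the raw material for a patch-triage script. The Python below is an added example, not part of the AusCERT bulletin or Red Hat's advisory: it parses the package list from the advisory text above, decides whether an installed samba build is older than the fixed samba-3.0.23c-2.el5.2 build using a simplified form of rpm's segment-wise version comparison (without rpm's tilde and caret rules, which RHEL 5 NVRs do not use), and checks a downloaded file's MD5 against the list. The hashes and filenames in the excerpt are copied from the advisory; the installed version string used in the demo is constructed.

```python
"""Added example (not part of the AusCERT or Red Hat text above): offline
triage of an RHSA-style advisory.  Parse its "RPMs required" list, decide
whether an installed samba build predates the fixed build using rpm's
segment-wise version ordering, and check a download against the MD5 list.
The excerpt is copied from RHSA-2007:0061, "Desktop (v. 5 client)"; the
installed version string in main() is constructed, not from the page."""
import hashlib
import re

ADVISORY_EXCERPT = """\
Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.23c-2.el5.2.src.rpm
b9f0c930e596610146f3f4d22461cf2e samba-3.0.23c-2.el5.2.src.rpm

i386:
4376969ef05a38386a8a86b1bc6b07b3 samba-3.0.23c-2.el5.2.i386.rpm
1454b468e11fc429da90d704a7c5f791 samba-client-3.0.23c-2.el5.2.i386.rpm
16a459ee79fe73edacad0c98d12a14d2 samba-common-3.0.23c-2.el5.2.i386.rpm
2a82d8e06843ad076deaa5ca7c0af50e samba-debuginfo-3.0.23c-2.el5.2.i386.rpm
8e078f1407f14fa52780d8ef488726be samba-swat-3.0.23c-2.el5.2.i386.rpm

x86_64:
901320e342fd069aa87098c0e5dc3b2b samba-3.0.23c-2.el5.2.x86_64.rpm
ed4f873bcd6c85e5bd96f4dab7403a1f samba-client-3.0.23c-2.el5.2.x86_64.rpm
16a459ee79fe73edacad0c98d12a14d2 samba-common-3.0.23c-2.el5.2.i386.rpm
28dcc7b44ccce83118aac405a37e2a13 samba-common-3.0.23c-2.el5.2.x86_64.rpm
2a82d8e06843ad076deaa5ca7c0af50e samba-debuginfo-3.0.23c-2.el5.2.i386.rpm
f0815980251cadeef8a6b2e10a8d9a94 samba-debuginfo-3.0.23c-2.el5.2.x86_64.rpm
25eb4104ac88c7db7eed56f08987cd70 samba-swat-3.0.23c-2.el5.2.x86_64.rpm
"""

_GROUP_LINE = re.compile(r"^([A-Za-z0-9_]+):$")        # 'i386:', 'SRPMS:'
_HASH_LINE = re.compile(r"^([0-9a-f]{32})\s+(\S+\.rpm)$")
_SEGMENT = re.compile(r"\d+|[A-Za-z]+")

def parse_rpm_list(text):
    """Return (group, md5, filename) rows; blank lines, ftp URLs and product
    headings (which contain spaces) are skipped."""
    rows, group = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = _GROUP_LINE.match(line)
        if m:
            group = m.group(1)
            continue
        m = _HASH_LINE.match(line)
        if m and group:
            rows.append((group, m.group(1), m.group(2)))
    return rows

def rpmvercmp(a, b):
    """Simplified rpm ordering: numeric segments compare as integers, alpha
    lexically, numeric outranks alpha, longer wins on a common prefix."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x == y:
            continue
        if x.isdigit() and y.isdigit():
            return (int(x) > int(y)) - (int(x) < int(y))
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        return (x > y) - (x < y)
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def split_nvr(nvr):
    """'samba-common-3.0.23c-2.el5.2' -> ('samba-common', '3.0.23c', '2.el5.2')."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release

def needs_update(installed_nvr, fixed_nvr):
    """True when the installed NVR is older: version first, release on a tie."""
    n1, v1, r1 = split_nvr(installed_nvr)
    n2, v2, r2 = split_nvr(fixed_nvr)
    if n1 != n2:
        raise ValueError(f"package names differ: {n1} vs {n2}")
    return (rpmvercmp(v1, v2) or rpmvercmp(r1, r2)) < 0

def packages_for(rows, group):
    """Filenames under one heading; x86_64 includes the i386 multilib rows."""
    return [fn for g, _, fn in rows if g == group]

def md5_hex(data):
    return hashlib.md5(data).hexdigest()

def md5_matches(filename, data, rows):
    """Download-integrity check only; authenticity comes from Red Hat's GPG
    signature on the package (rpm -K), which this does not replace."""
    expected = {fn: md5 for _, md5, fn in rows}
    if filename not in expected:
        raise KeyError(f"{filename} is not listed in the advisory")
    return md5_hex(data) == expected[filename]

if __name__ == "__main__":
    rows = parse_rpm_list(ADVISORY_EXCERPT)
    installed = "samba-3.0.23c-2.el5"  # constructed: `rpm -q samba` on an unpatched host
    print("update needed:", needs_update(installed, "samba-3.0.23c-2.el5.2"))
    print("x86_64 packages to fetch:", *packages_for(rows, "x86_64"), sep="\n  ")
```

On a live host, replace the constructed string with the output of `rpm -q samba`, and treat the MD5 comparison as a download-integrity step only: the authenticity guarantee is Red Hat's GPG signature on each package, checked with `rpm -K` after importing the key referenced in section 6 of the advisory. Note the x86_64 list deliberately carries i386 samba-common and samba-debuginfo rows; on a multilib host both architectures of samba-common must be updated together.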